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In the Claims : 

Amend the claims as follows: 

5 

1. (Currently amended) A method for secure forwarding of a 
message from a first computer to a second computer via an 
intermediate computer in a telecommunication network, 

10 comprising: 

establishing a secure connection between the first computer 
and the second computer via the intermediate computer, 
■a-) — forming a message in the first computer or in a computer 
that is served by the first computer, — and in the latter case 

15 sending the message to the first computer, 

te-)- in the first computer, forming a secure message by giving 
the secure message a first unique identity and a first 
destination address to the intermediate computer , 
■e-)- sending the secure message from the first computer to the 

20 intermediate computer, 

■df the intermediate computer receiving the secure message and 
performing a translation by using said destination address and 
the first unique identity to find aft a second destination 
address to the second computer, 

25 ef the intermediate computer substituting the current first 

destination address with the found second destination address 
to the second computer, 

■f-)- the intermediate computer substituting the first unique 
identity with another a second unique identity, and 
30 g-)- the intermediate computer forwarding the secure message 
with the second substituted current destination address and 
the second substituted unique identity to the second computer. 



2. (Currently amended) The method of claim 1 wherein the 
35 method further comprises forming the secure message in step b) 
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by using an IPSec connection between the first computer and 

the second computer. 

3. (Previously presented) The method of claim 1 wherein the 

5 method further comprises performing a secure forwarding of the 
message by making use of SSL or TLS protocols. 

4. (Previously presented) The method of claim 2 wherein the 
method further comprises manually performing a preceding 

10 distribution of keys to components for forming the IPSec 
connection . 

5. (Previously presented) The method of claim 2 wherein the 
method further comprises performing a preceding distribution 

15 of keys for forming the IPSec connection by an automated key 
exchange protocol. 

6. (Previously presented) The method of claim 5 wherein the 
method further comprises performing the automated key exchange 

20 protocol used for the preceding distribution of keys for 

forming the IP Sec connection by means of a modified IKE key 
exchange protocol between the first computer and the 
intermediate computer and by means of a standard IKE key 
exchange protocol between the intermediate computer and the 

25 second computer. 

7. (Currently amended) The method of claim 2 wherein the 
method further comprises sending the message that is sent from 
the first computer in step c) as a packet that contains 

30 message data, an inner IP header containing the actual sender 
and receiver addresses, an outer IP header containing the 
addresses of the first computer and the intermediate computer, 
the unique identity. 

35 8. (Previously presented) The method of claim 1 wherein the 



rf Attorney Docket No. 2 90.1078USN 1/17/09 - 4 - 

method further comprises the IPSec connection being one or 
more security associations (SA) and the unique identity being 
one or more SPI values. 

5 9. (Currently amended) The method of claim 1 wherein the 

method further comprises performing the matching in step d) by 
using a translation table stored at the intermediate computer. 

10. (Currently amended) The method of claim 1 wherein the 
10 method further comprises changing both the address and the 

SPI-value by the intermediate computer in steps c) — and f ) . 

11. (Previously presented) The method of claim 1 wherein the 
method further comprises the first computer being a mobile 

15 terminal so that the mobility is enabled by modifying the 
translation table at the intermediate computer. 

12. (Previously presented) The method of claim 11 wherein the 
method further comprises performing the modification of the 

20 translation tables by sending a request for registration of 
the new address from the first computer to the intermediate 
computer . 

13. (Previously presented) The method of claim 12 wherein the 
25 method further comprises sending a reply to the request for 

registration from the intermediate computer to the first 
computer . 

14. (Previously presented) The method of claim 12 wherein the 
30 method further comprises authenticating or encrypting by IPSec 

the request for registration and/or reply. 

15. (Previously presented) The method of claim 4 wherein the 
method further comprises establishing the key distribution for 

35 the secure connections by establishing an IKE protocol 
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translation table, and using the translation table to modify 
IP addresses and cookie values of IKE packets in the 
intermediate computer. 

5 16. (Currently amended) The method of claim 15 wherein the 
method further comprises establishing the key exchange 
distribution byj_ 

generating an initiator cookie and sending a zero responder 
cookie to the second computer, 
10 generating a responder cookie in the second computer, 

establishing a mapping between IP addresses and IKE cookie 
values in the intermediate computer, and 

using the translation table to modify IKE packets in flight by 
modifying the external IP addresses and possibly IKE cookies 
15 of the IKE packets. 

17. (Currently amended) The method of claim 15 wherein the 
method further comprises modifying %fee a modified IKE protocol 
between the first computer and the intermediate computer by 

20 transmitting the IKE keys from the first computer to the 
intermediate computer in order to decrypt and modify IKE 
packets . 

18. (Currently amended) The method of claim 15 wherein the 
25 method further comprises carrying out in trhe a modified IKE 

protocol between the first computer and the intermediate 
computer the modification of the IKE packets by the first 
computer with the intermediate computer reguesting such 
modifications . 

30 

19. (Previously presented) The method of claim 17 wherein the 
method further comprises defining the address so that the 
first computer is identified for the second computer by the 
intermediate computer by means of an IP address taken from a 

35 pool of user IP addresses when forming the translation table. 
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20. (Previously presented) The method of claim 1 wherein the 
method further comprises sending the secure message by using 
an IPSec transport mode. 

5 

21. (Previously presented) The method of claim 1 wherein the 
method further comprises sending the secure message by using 
an IPSec tunnel mode. 

10 22. (Currently amended) A telecommunication network for secure 
forwarding of messages, comprising: 

at least a first computer, a second computer and an 
intermediate computer, the first computer and the second 
computer having a secure connection therebetween via the 
15 intermediate computer, 

the first and the second computers having means for performing 
an IPSec processing, and 

the intermediate computer having translation tables to perform 
IPSec and IKE translation. 

20 

23. (Previously presented) The telecommunication network of 
claim 22 wherein the translation table for IPSec translation 
has IP addresses of the intermediate computer to be matched 
with IP addresses of the second computer. 

25 

24. (Previously presented) The telecommunication network of 
claim 22 wherein the translation tables for IKE translation 
consists of two partitions, one for the communication between 
the first computer and the intermediate computer and another 

30 for the communication between the intermediate computer and 
the second computer. 

25. (Previously presented) The telecommunication network of 
claim 24 wherein both partitions of the mapping table for IKE 

35 translation contains translation fields for a source IP 
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address, a destination IP address, initiator and responder 

cookies between respective computers. 



26. (Currently amended) The telecommunication network of claim 
5 22 wherein there is another translation table for IKE 

translation containing fields for matching a given user to a 
given second computer. 

27. (New) A telecommunication network for secure forwarding of 
10 messages, comprising: 

a first computer, 
a second computer, 

an intermediate computer electronically connected to the first 
computer and the second computer, the first and the second 
15 computers having a secure connection between them via the 
intermediate computer, and 

the intermediate computer having means for performing 
translation between destination addresses and secure 
identities for forwarding secure messages received from the 
2 0 first computer to the second computer. 



25 



